CVE-2021-33469

MEDIUM

COVID19 Testing Management System 1.0 - XSS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-33469. PoCs published by Rohit Burke.

AI-analyzed exploit summary This is a writeup describing a stored XSS vulnerability in COVID19 Testing Management System 1.0. The vulnerability allows an attacker to inject malicious JavaScript code into the 'Admin name' parameter, which is then executed when the admin visits any section of the application.

Description

COVID19 Testing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the "Admin name" parameter.

Exploits (1)

exploitdb WRITEUP

by Rohit Burke · textwebappsphp

https://www.exploit-db.com/exploits/49887

View Code ZIP pw:eip

This is a writeup describing a stored XSS vulnerability in COVID19 Testing Management System 1.0. The vulnerability allows an attacker to inject malicious JavaScript code into the 'Admin name' parameter, which is then executed when the admin visits any section of the application.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: COVID19 Testing Management System 1.0

Auth required

Prerequisites: Admin credentials · Access to the admin profile section

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory x_refsource_misc

https://phpgurukul.com/

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/49887

Scores

CVSS v3 4.8

EPSS 0.0066

EPSS Percentile 46.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

phpgurukul/covid19_testing_management_system 1.0

Published May 26, 2021

Tracked Since Feb 18, 2026